<?php
require(dirname(__FILE__)."/includes/init.php");
//error_reporting(0);

if(isset($_SESSION['user_name'])){
  $id = $_REQUEST['id'];
  if(!is_numeric($id)){
    exit;
  }
  $flag = isset($_REQUEST['flag'])?$_REQUEST['flag']:'';
  if(empty($flag)){
    $sql = "select * from template where id='".$id."'";
    $row = $GLOBALS['db']->dbGetRow($sql);
  }else{
    $title = addslashes($_REQUEST['title']);
    $type = $_REQUEST['type'];
    $content = addslashes($_REQUEST['content']);
    $sql = "update template set type='".$type."',title='".$title."',content='".$content."' where id='".$id."'";
    $row = $GLOBALS['db']->dbquery($sql);
  }
  $sql = "select * from template where id='".$id."'";
  $row = $GLOBALS['db']->dbGetRow($sql);
?>

<form action="" name="update" method="POST"> 
 <table width="854" height="292" border="1">
  <tr>
    <td>Name:</td>
    <td><input type="text" name="title" value="<?php echo htmlentities($row['title']);?>"/></td>
  </tr>
  <tr>
    <td>Type:</td>
    <td><input type="text" name="type" value=<?php echo $row['type'];?> /></td>
  </tr>
  
  <tr>
    <td>Content:</td>
    <td><textarea name="content" cols="150" rows="30"><?php echo $row['content'];?></textarea></td>
  </tr>
  <tr>
    <td>&nbsp;</td>
    <td><input type="hidden" name="flag" value="2"><input type="hidden" name="id" value=<?php echo $row['id'];?>><input type="submit" name="Submit" value="submit" /></td>
  </tr>
</table>
</form>
<?php }
else{
	exit;
}
?>
<title>编辑模板</title>
